Log out of DiS, then log back in. Note how your password, while entered, is 'hidden'.

Now on DiS your username is also your display name...and it's not like there's much need for great security but this isn't always the case. If you had a display name and your username was never disclosed then you can see how it would heighten security for BOTH to be hidden when entered.

Not all the username has to be displayed just enough of it to indicate to the user which username they are logging in as (unless they are doofusses and make this visible bit common to all their accounts.

I agree in my professional view.

Of course this would require a lot of retro coding and testing......no problem with that but why would any institution be the first to do that? (they're not doing it why should we?) I mean what is the business purpose.....it would only be their customers loosing money.......if all banks agree not to change it then they will all save themselves the cost of reprogramming/testing and also not lose market share, they wont lose out.

Interestingly is the PIN number rather than signing......I havnt heard of muggings and threats for pin numbers yet, but at least with a cheque if it was forged then it could be proven forensically that it was forged. If someone gets your card and pin and enters that....no forensic evidence would be present to prove you didnt enter the pin (and I bet any cctv footage will mysteriously disappear)

hiding the username is pointless as it's not considered secure information, you'd be better off adding a second password field.

"Not all the username has to be displayed just enough of it to indicate to the user which username they are logging in as"

pish. that's a contradiction, you need to display the whole thing otherwise you can't authoritatively let the user know which username, ie the difference between "user1" and "user2" as usernames. to differentiate between the two means revealing them